s/forget passphrase for/cause permanent destruction of/ , Re: Letwin wants increased penalties for refusal to decrypt

Matthew Astley lists-ukcrypto at fruitcake.demon.co.uk
Mon, 19 Aug 2002 04:26:07 +0100


(My apologies to those who bother to follow this: I seem to be lacking
focus. Suggestions welcome.)


On Sun, Aug 18, 2002 at 10:33:43PM +0100, Kieran wrote:
> On Sun, 18 Aug 2002, Matthew Astley wrote:

> > How does encryption of data compare, legally, with irreversible[1]
> > destruction?
> 
> Completely different. You'd have to explain why you encrypted data

One generally encrypts data to keep it private. I'm sure this has been
discussed already. It isn't really related to what I'm asking, except
insofar as it might be harder to explain why the computer exploded
when the police came round.

> rather than securely deleted it. The only valid reason IMO is to
> access again.

"Secure deletion" by programs like shred, wipe and the PGP thingy works
by overwriting data twenty-odd times. For a large disc, this will take
many hours, and is still not guaranteed to keep out those with large
budgets.

It would be quicker to securely erase the block containing a crypto
key, but then you have to prove it was there in the first place - in
order to prove that you never knew the key yourself.


I wasn't talking about secure deletion. I was talking about
vapourising the entire drive, or smashing it into dust.

For an extreme, and quite plainly White Hat, version of this try

  http://www.foresight.org/EOC/EOC_Chapter_11.html#SealAssLab

  (The basic plot is to allow people to "play" with useful but rather
  dangerous nanotechnology, but in such a way that it can never leave
  the sealed laboratory without being utterly destroyed.)

It's the computer version of shredding the accounts and feeding them
into the incinerator.


> > Would it be fair to say that pre-RIP they were mostly equivalent?
> > The data was encrypted, so a court could not read it. Game over.
> >
> > The law is now being changed because TPTB wish to gain access to
> > that class of data, but the goalposts can be moved.

> My understanding is that there hasn't been a case involving
> encryption where "poor hygiene" hasn't allowed access to some
> information.

While this is fortunate for the CPS, it's a sad comment on security
engineering. More importantly, it should be changing gradually because
many are aware of these shortcomings.

Hence, I thought, the desire for the RIP Act.


> > There's the old story about pr0nographers dropping their
> > glass-plattered hard discs out of windows, and

So I suppose you could have the discs suspended at the top of your
chimney in a plastic bag, and cut the wires and support with a
spring-loaded guillotine - Heath Robinson would be proud!

> > I'm told that military installations have drives locked in a safe
> > with an explosive charge[2] attached.

No self-respecting Accused wants to be seen with an explosive device.
Perhaps it would be neater to drill a hole in the drive (may
invalidate the warranty!) and put it in a safe. Then, at destruction
time, pump the drive cavity full of ferric chloride, battery acid or
something similarly unpleasant. All the ones and noughts go into
solution and get jumbled up.


I'm getting carried away talking to myself, sorry.

The point is that wilful and guaranteed destruction of data is only
slightly more difficult than encryption, and because it is not
reversible the court cannot force you to reverse it.

> > Not only are the setup costs greater, the false alarm costs are
> > pretty significant too. Still, if you're running an illegal
> > business then presumably costs like these are part of the plan.

> Remember, you have to encrypt/destroy _all_ copies.

I'm sure it's a hard life, being a criminal. I have little sympathy
really.

That said, I really should take more care of the plaintext when I
write emails which I later encrypt and send. It's the principle more
than anything else.

> Post RIP, you are at the mercy of a jury in a "produce the key"
> phase. This isn't exactly safe: bear in mind that judges hate
> smart-arses.

There are no keys - the data has gone.

I was (at least at some point in this jumble) working on the
assumption that the rules say, if you're caught with encrypted data
then you go to prison. Hence, destroy the data at the first sign of
trouble.

> > What should a jury read into the self-destruction of the accused's
> > data?

> If it's gone, it's gone.

So, none of this

  "Did you, on the night of 32nd Octember, feed 250 pages of A4 into
  the shredder?"

then?


> > Was it caused by an alarm going off when the police broke the door
> > down?

> You want to bet your liberty on such a system?

I'm starting from the axiom that the criminal will go about his
business, and then add on whatever protection he thinks he can get.
He's betting his liberty on not getting caught from square one.

> Bear in mind it could go off when your co-worker/kid sets it off by
> mistake. Such systems make nice thought-experiments, but aren't
> practical.
> 
> After all, if the data is worth keeping, repeated raids by Plod will
> be a serious inconvenience.

As I said in the footnote, "apparently irreversible" is all that's
required. Unless the data is expendable, you presumably have backups
somewhere.

I stick mine on a CD and put them in a different building. I imagine
that if you want to keep their very existence secret, you have to play
silly games to hide them somewhere.


OK, here's a here-and-now question. If you're caught digging up a CD,
and it turns out it contains half of a one time pad (eg. message
saying "please insert second disc" when you run it) ... how does a
court require you to disclose the location of the other half?

Does the RIPA change their power in this case?

I ask this because it seems to be a very close analogy to revealing a
passphrase.

> > Did it happen because the accused had been locked up for 24 hours
> > and not had a chance to "feed" it, so it "died of loneliness"?

> I believe the first thing the police should do is switch off all
> computers, then image the disks. Not a lot of "feed me" systems are
> going to be robust against this.

In the case I outlined above, this would be a mistake. Switching off
the computer would presumably trigger the acid to be pumped into the
disc drive. The only "imaging" the police can do after that is with a
camera.

As for "feed me": if the police know that switching the machine off
will destroy the evidence, they have to take you to court to get an
order for you to give them the disc intact (yes?). While you're away, the
thing gets lonely and destroys itself anyway. The court order becomes
pointless, but they can't accuse you of contempt if it dies before you
are ordered to rescue it.

It would be rather like trying to defuse a bomb, I suppose, only the
aim would be to leave it in such a state that you could read the
manufacturer's label.

> > What about if it died when the police entered a password which the
> > accused gave them?

> They try again with another copy.  Then charge you with obstruction
> of justice, I would imagine.

There is only the one safe.

However, I think "obstruction of justice" is probably one of the
answers I was looking for... it seems that the penalties under RIP
should be related to this, rather than the crime for which the data is
supposed to be evidence.


> > What should a jury think, when informed that the accused possessed
> > a seizure-proofed device? (Surely only a criminal would use such a
> > thing!)

> Bear in mind the judge is almost certain to take a dim view of this
> sort of thing.

Under the circumstances outlined, this seems likely. Yet, is it fair?

Most offices own at least one paper shredder. The main difference is
that the paper shredder doesn't automatically spring into action when
the police visit.

Can the existence of a self-destruct mechanism be taken as
circumstantial evidence that a crime of some sort has been committed?


> > The thought was prompted by Peter's comment, and a pub
> > conversation about a chap who maintained "uptime" on his PC by
> > carrying it and its UPS between houses during two moves. (The
> > corollary to the UPS thing being that if you're paranoid you
> > should have a wall between the UPS and the computer, or better yet
> > the charge in the safe.)

> How does this work if plod unplugs the UPS from the computer?

The point was that having the UPS and computer next to each other
allows the machine to be removed while still running. If the first
thing the police do is switch it off, then that doesn't make any
difference.

However, if the crypto key (for data stored on a conventional but
encrypted disc) is held only[1] in RAM, the police destroy the
evidence for you when they take the machine away.

So, if they know you've set it up this way, they presumably try to
take it away without switching it off. Hence, you would try to make
this difficult by not putting the UPS next to the computer.

As we agreed in the pub, this is a silly train of thought and the
ultimate is the military version: last man alive pulls the pin on the
self-destruct.


Matthew  #8-)
-- 
[1] Keys held only in RAM are obviously going to be lost if you crash
    the machine or trip over the power lead. Care would be required.